<?php

// Check if login button has been pressed
if(isset($_POST['login'])){
    // Define username and password
    $username = $_POST['username'];
    $password = $_POST['password'];
    // Do some stripslashes on them
    $username = stripslashes($username);
    $password = stripslashes($password);
    // Include our config file for mysql server connect and select database
    include "./include/connect.php";
    db_connect();

    // Query admins table and check if admin data is good
    $query = "SELECT username, password FROM admins WHERE username = '$username' AND password = '$password' LIMIT 1";
    $result = pg_query($query);
    $count = pg_num_rows($result);
    
    // If result is good start session and register it with s_logged_n
    if($count == 1){
        session_start();
        $_SESSION['s_logged_n'] = 'true';
        $_SESSION['s_username'] = $username;
        // Display successful login message
        echo "You have sucessfully logged in as $username, click <a href=\"admin.php\">here</a> to access the Admin Area.";
    }//if
    else {
        // If user or pass is wrong display it
        echo "Invalid username or password";
    }//else
} else {
// If someone try to open login.php only tells them to use form
echo "You must login over form, click <a href=\"form.php\">here</a> to go back to form";
}
?>
